Skip to content

Monero Documentation

Monero Pseudorandom Number Generator

Initializing search

Monero Documentation

Home
Interacting
Interacting
Technical specs
Cryptography
Cryptography
- Introduction
- Asymmetric
  Asymmetric
- Base58
- PRNG PRNG
  Table of contents
  - Caveats
  - Reference
- Keccak-256
Address
Address
Proof of Work
Proof of Work
Multisignature
Infrastructure
Infrastructure
Running a Node
Running a Node
- Open Node + Tor Onion
Cold storage
Cold storage
- Offline Transaction Signing
Accepting Monero
Accepting Monero
- Overview

Table of contents

Caveats
Reference

Monero Pseudorandom Number Generator¶

Monero uses PRNG based on the Keccak hashing function. Basically, output of the previous hashing round is input for the next one.

The initial seed comes from entropy sources provided by operating system. On Linux and MacOS the seed comes from /dev/urandom. On Windows the WinAPI CryptGenRandom call is used for seeding.

There is no reseeding.

Caveats¶

This concerns the reference C++ implementation of Monero. Please note there are many alternative implementations of private key generation, including JavaScript, Python, Android/Java. These should be researched case by case for correctness.
In Monero source code you can also find libsodium based random bytes generator. It is part of the embedded library and apparently is not used in actual Monero code.

Reference¶

Source code
StackExchange answer

Previous Base58

Next Keccak-256

Tor onion version | contact | © 2021 MoneroDocs under MIT | built w/ mkdocs and squidfunk/material